CVE-2020-36921

Summary

RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication.

Affected Software

VendorProductVersion RangeStatus
REDRED-V Super Digital Signage System RXV-A740R5.1.1affected

Weaknesses

  • CWE-548: Exposure of Information Through Directory Listing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References